# This controller handles the login/logout function of the site.  
class SessionsController < ApplicationController
  
  skip_before_filter :login_required, :only => [:new, :create ]

  # render new.rhtml
  def new
    
    session[:return_to] = default_route_url
    
    #Get all users to show
    @users = User.get_all_active
  end

  def create
    
    self.current_user = User.authenticate(params[:login], params[:password])
    
    if logged_in?
      flash[:message] = "Logged in successfully"
      redirect_back_or_default('/')
    else
      flash[:error] = "Heb je het juiste wachtwoord ingevoerd?"
      redirect_to login_url
    end
  end

  def destroy
    #self.current_user.forget_me if logged_in?
    cookies.delete :auth_token
    reset_session
    flash[:message] = "You have been logged out."
    #redirect_back_or_default('/')
    redirect_to login_url
  end
end
